> On Thu, 11 Dec 2003, Matt Kettler wrote:
> > At 11:52 AM 12/11/2003, Rob Mangiafico wrote:
> > >ok, this one makes sense. I guess dynablock will hit on anyone who emails
> > >from their mail program and has the smtp server set to their hosted server
> > >i
On Thu, 11 Dec 2003, Matt Kettler wrote:
> At 11:52 AM 12/11/2003, Rob Mangiafico wrote:
> >ok, this one makes sense. I guess dynablock will hit on anyone who emails
> >from their mail program and has the smtp server set to their hosted server
> >instead of the ISP's mai
> >Email thru our server from home PC:
> >---
> >Received: from fico (ct-nrwch-cuda1-xxx.nwchct.adelphia.net
> >[68.170.14x.4x])
> > by lexiconn.serverhost.net (8.11.6/8.11.6) with ESMTP id
> >hBB0Wcp23535
> > for <[EMAIL PROTECTED]>; Wed, 10 Dec 2003 19:32:38 -0500
> >From: "LexiCo
After upgrading to 2.61, we re-enabled the DYNABLOCK RBL checks. They
still seem to hit on emails that I do not believe should be matching
DYNABLOCK IP's. Here are a few headers they hit on:
cgiemail email
---
Received: (from [EMAIL PROTECTED])
by lexiconn.serverhost.net (8.11.6/8.11.6)
> Summary of major changes since 2.60
> ---
> - updated to reflect new Dynablock DNSBL location
Does 2.61 also fix the bugs and problems with DYNABLOCK and NJABL hitting
false positives for different header issues and mailserver configs? Just
want to make sure b
Before I submit a bug, I wanted to see if this was a known issue in 2.60.
It seems some spams can somehow interject false AWL points to get their
spam through. This morning, I cleared out the AWL entry for the email
address [EMAIL PROTECTED] Only an hour later, I got the spam below,
and here
> >I was thinking today wouldn't it be better to just ignore all the periods,
> >commas, and what have you in the text? Inside SA we could just drop those
> >and then search the message from that.
> >
> >I've had one spammer who just puts a random period in the message and it
> >doesn't get tagged
Hello:
The test MSGID_FROM_MTA_SHORT seems to hit on every form received from a
cgi form script for all of our users. Here is a sample header it hits on:
---
Received: (from [EMAIL PROTECTED])
by xxx.yyy.zzz (8.11.6/8.11.6) id h9JJOMP25529;
Sun, 19 Oct 2003 15:24:22 -0400
Date: Su
Is anyone else seeing lots of timeouts for razor today? Seems to be timing
out a lot today. I tried changing the discovery servers, etc... but no
noticable difference.
Rob
---
This SF.net email is sponsored by: SF.net Giveback Program.
Sourc
> >So this means we cannot run multiple sessions?
> >
> >I'm running SA 2.6 spamd/spamc, and getting this same error log.
> Not without error messages... however, as Theo very correctly pointed out
> the errors aren't fatal, it just means that an attempt at autolearning
> failed. SA itself keeps
> Actually, when I type "spamd --help" from the command line with our newly
> installed 2.60 software, I get:
> ---
> Insecure directory in $ENV{PATH} while running with -T switch at
> /usr/lib/perl5/5.6.0/Cwd.pm line 85.
> ---
>
> spamd appears to be running fine currently. Any ideas why this i
> > It's the first option on the list if you type spamd --help
>
> Thanks. Just didn't see it in the online docs, so wanted to make sure and
> feed it back to the doc maintainers.
Actually, when I type "spamd --help" from the command line with our newly
installed 2.60 software, I get:
---
In
> It's the first option on the list if you type spamd --help
Thanks. Just didn't see it in the online docs, so wanted to make sure and
feed it back to the doc maintainers.
> > In the 2.60 docs, the -a "auto whitelist" parameter is no
> > longer listed as an option. Is it still supported? If n
In the 2.60 docs, the -a "auto whitelist" parameter is no longer listed as
an option. Is it still supported? If not, what do we set for using auto
whitelists with spamd?
Thanks.
Rob Mangiafico
---
This sf.net email is sponsored by
> > - Our users probably are not going to be able to feed spam/ham into the
> > learning system in SA manually. Based on this, would you recommend turning
> > on auto bayes learning per user, or leave it off as we did in 2.55?
>
> Its should general improves results, so if you have the resources
2.60 now, is there an imminent 2.61
release that fixes big problems, etc...?
2.55 with AWL and NO bayes performed great for its duration. Of course, we
are always looking to improve the system, and look forward to any feedback
on these issues.
Thanks.
Rob Mangiafico
Has anyone noticed any of the default RBL's in 2.55 being down lately?
Seeing a lot of 13 second times for processing, and was wondering if
anyone knew of any problems with the default RBL's.
Thanks.
Rob
---
This sf.net email is sponsored b
Is all we have to do to patch the Razor2 timeout issue with the alarm
being reset is to apply the cvs changes for the files Dns.pm and
Reporter.pm that deal with the alarm resetting code? I think those are the
only changes needed, but I wanted to be sure.
Thanks!
Rob M.
---
I'll answer my own question :)
Create a razor-agent.conf file in each user's .razor directory that
contains the line:
logfile= /dev/null
That seems to be the best way to get rid of razor logs.
Rob M.
On Thu, 31 Oct 2002, Rob Mangiafico wrote:
> Hello:
>
&
Hello:
If we are using razor2 and SA with spamc/d and the -H parameter, what is
the best way to get rid of the logfiles razor creates? Is it to sym link
/home/user1/.razor/razor-agent.log to /dev/null, or setup a separate
razor.conf file (not sure how/where to do so if this is the case)...?
We
It seems that over the past few weeks, more and more spam is getting
through SA 2.43. We run it without RBL checks enabled, and in the past
this seemed to get most of the spam. Now it seems 20-30% more spam is
coming in per day not tagged as spam.
Has anyone given thought to a "Live Update" typ
Ollie:
I would recommend deleting the database and starting fresh. 2.42 put some
heavy negative numbers in there, so the DB is more corrupt than accurate
at this point. Deleting it will allow it to track spam and non-spam in a
much better manner now.
Some people have even recommended running w
The xxx.xxx is what hit it. That spam phrase searches for text with xxx
xxx in beginning and end (among other things) and it tripped the rule.
On Sat, 19 Oct 2002, Kenneth Porter wrote:
> >From the qpopper mailing list. SA 2.41 thinks it's porn. I can see the
> all-caps "unlimited", but I don't
I agree. I think a system whereby the weighted average of long term scores
dictates how well each email is received. ie, a friend that sends you 20
good emails should have a heavily weighted negative average to offset the
occassional spam type email they may send you. And a spammer that sends
Hmmm:
So the AWL has completely changed from stopping repeat spammers from
getting through and allowing a person who normally sends good email who
sends you that 1 spam email to still get through TO a system where a
spammer who sends consistent spam emails will eventually *break through*
and
On Wed, 26 Jun 2002, Bart Schaefer wrote:
> > I had that happen to me too. I had to manually edit the user's spool file
> > and turn the "rom" into "From" to keep the email clients from gaggingn
> >
> > On Fri, 7 Jun 2002, Aaron Falk wrote:
> >
> > > I'm trying to integrate Spamassassin into my
Hello:
If using the autowhitelist feature with spamd (-a), I thought that it
would only add a negative score value based on the number of emails sent
and their average score. I have seen the AWL score be positive though, and
it tagged a completely blank email as spam based on past emails havin
Hello,
With spamd running (SA 2.20), and per user auto-whitelist enabled, are
there any problems or limits with the number of entries in a user's
auto-whitelist.db file and its effect on server performance? As the
program runs longer, some people's auto-whitelist file will contain 1000's
of e
28 matches
Mail list logo
